On 28/05/20 9:25 am, Peter Reutemann wrote:
The result? When your device was stolen, lost, or stopped working, you had to go through the same painful and time-consuming account recoveries Caltagirone did. The lack of a backup and recovery mechanism meant the only viable way to hedge against a device loss or malfunction was to print, scan, or photograph each QR code or the underlying Web link (for instance, http://USERNAME(a)salesforce.com/?secret=LZZIKRWX736EH2IQ&issuer=Slack) it represented. That was time consuming. Even worse, it was cumbersome and insecure to store them, particularly when traveling.'
Most (if not all) 2FA-enabled services offer backup codes that can be used in the case where your phone is out of action (no battery, stolen or broken). Once you are logged in you then have the option of generating a new code. The other option is some TOTP apps allow you to back-up your codes and access them on any device. Authy is an example of this. -- Simon